<?php

namespace App\Http\Middleware;

use App\Helpers\Tools;
use Closure;

class Cors
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */ 
    public function handle($request, Closure $next)
    {
        $origin = isset($_SERVER['HTTP_ORIGIN']) ? $_SERVER['HTTP_ORIGIN'] : '';

        $allowOrigin = [
            'http://localhost:8080',
            'http://localhost:3000',
            'http://192.168.0.106:3000',
            'http://192.168.0.107:3000',
            'http://192.168.0.108:3000',
            'http://h5-cooperate.chenrilong.top',
            'https://h5-cooperate.chenrilong.top',
            'https://h5-konka.kkapp.com',
            'http://h2.com',
            'http://www.xiaoyaoji.cn',
            'http://calculate-html.bestpeng.com',
            'https://calculate-html.bestpeng.com:81',
            'https://calculate-html.bestpeng.com',
        ];

        if(in_array($origin, $allowOrigin)){

            $response = $next($request)->header('Access-Control-Allow-Origin', $origin)
                ->header('Access-Control-Allow-Methods', 'PUT,POST,GET,DELETE,OPTIONS')
                ->header('Access-Control-Allow-Credentials', 'true')
                ->header('Access-Control-Allow-Headers', 'Content-Type, Content-Length, Authorization, Accept, X-Requested-With')
                ->header('Access-Control-Max-Age:', 300);

            return $response;
        } else {
            return $next($request);
        }

    }
}
